Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Bastioning procedures
INCIBE-CERT technical webinars

INCIBE-CERT technical webinars

Posted on 09/24/2020, by INCIBE
With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.
Preventing the leaking of information in ICS

Preventing the leaking of information in ICS

Posted on 05/28/2020, by INCIBE
Exfiltration of data, or information leakage, poses a threat to all companies throughout the world. It is important to know the possible ways information can get out to control them and avoid a loss of information in our organisation. Since in industry the most important factor is availability, this threat has to be put into perspective.
Modbus decorative image

Evolving towards secure Modbus

Posted on 02/20/2020, by INCIBE
The Modbus protocol, in its TCP version, was not developed with cybersecurity capabilities in its communications. For this reason, many researchers have studied the different possibilities that could be undertaken at the technical level to incorporate a security layer in it, giving rise to a new version of Modbus/TCP called secure Modbus/TCP, which will gradually begin to be implemented in industrial communications.
station

Safety recommendations for electric vehicle charging stations

Posted on 02/06/2020, by INCIBE
Over the last few years we have seen how electric vehicles have experienced a boom in terms of their development and retail and, along with them, the deployment of their charging points. In this article we will discuss a series of requirements, in terms of security, that should be implemented in these charging stations in order to ensure their security.
Keyring

My industrial devices support LDAP, now what?

Posted on 09/19/2019, by INCIBE
The main security standards and best practice guidelines in industrial cybersecurity include as a requirement the need for a user authentication system. The options involve implementations in each device of this system or being integrated into a centralised user authentication system. One of the most-used options is the use of the LDAP protocol, but there are a number of points to consider in the design phase, which are key when implementing a specific centralised user management system for industrial control systems, under LDAP.
Busybox

Attacking a BusyBox, the small Gaulish village

Posted on 09/05/2019, by INCIBE
A BusyBox is software or a program that combines several functionalities in a small executable. This small tool was created for use in integrated operating systems with very limited resources, and they are usually used in control systems. But, as in all tools, you have to know what security level they have and if it can be improved.

Pages